wpCop talks a lot about the weakest link, a chink in our armor, a vulnerability that, threatened, could compromise a site.
In general without doubt, lack of awareness is the weakest link.
So what's to know?
Creating this awareness is what wpCop‘s Risk section is all about.
Assessing the risk to WordPress
Laying the foundation to our security know-how, What’s The Risk? introduces hackers and their tricks, considering how the former ply the latter against our WordPress sites, whether directly or indirectly.
In a nutshell, here’s the order of play:
- Knowing the enemy, the variety of mindset, and the levels of skill
- Considering physical security and the threat from social engineering
- Weighing up OS security, allow vs. deny policies and open vs. closed source
- Mulling over malware in its many shapes and forms
- Assessing risks from local devices such as PCs and routers
- Treading carefully in the malicious minefield that is the web
- Sizing up vulnerabilities to WordPress and its third party code
- Addressing the frailties of and attacks to your server-side environment
You may think most of this is irrelevant to WordPress security. You'd be wrong.
Let's be clear, and regardless of your site's hosting arrangement … if a hacker grabs a password from your PC, then all bets are off … if a hacker can borrow your phone, then all bets are off … if a hacker can coerce you to a malicious site, then all bets are off … and that's barely skimming the surface.
Evaluating WordPress threats with wpCop
Awareness is security's best friend. You can patch away but, without a fair grasp of the more general spectrum of risk, your defense is hopeful. wpCop's risk guides fill the knowledge gap. Have some more detail.
OK, that'll keep you busy.
So What’s the Risk?
I make no apology for repeating this point …
… That doesn't mean we can't have a darned good try.
What we can achieve, over time, is to boost our understanding, discipline our computing practice, harden our devices, lock our locations, consolidate our networks and screen our sites. So let's. Cracking off with awareness.
Even this carries no guarantee. Tell you what though, it's pretty darned tight.
We'll jump in, trying to have a laugh here and there to keep us awake.